red hat certified engineer course
DESCRIPTION
Red Hat Certified engineer courseTRANSCRIPT
Red Hat Certified engineercourse
Ali Abdo
“Linatrix”
AGENDA
• Course roles• Participant Introductions • What is RHCT, RHCE & why ? • Course sequence and overview • First level
Course roles
time, participate,mobile,selected,feedback
Participant Introductions instructor Please introduce yourself :--name. -job.-computer background. -”why you are here” ?-what you will do with this course?
What is RHCT, RHCE & why ?
Course sequence
RH033: Red Hat Linux Essentials“First level”
Course Description
The first course for both RHCT and RHCE certification tracks, RH033 is for who have never used Linux or UNIX, and who have no prior command line experience in any other operating system. You are taught the basics of a Red Hat Enterprise Linux environment, and it prepares you for your future role as a system administrator.
Prerequisites
User-level experience with any computer system, use of menus, use of any graphical user interface.
Goal
A Red Hat Enterprise Linux power user who can be productive in using and customizing a Red-Hat system for common command line processes and desktop productivity roles.
Audience
Users who are new to Linux and have no prior UNIX or command line skills, who want to develop and practice the basic skills to use and control their own Red Hat Linux system.
Course Objectives
1. Understand the Linux file system2. Perform common file maintenance3. Use and customize the GNOME interface4. Issue essential Linux commands from the command line5. Perform common tasks using the GNOME GUI6. Open, edit, and save text documents using the vi editor7. File access permissions8. Customize X Window System9. Regular expression pattern matching and I/O redirection10. Install, upgrade, delete and query packages on your system11. Network utilities for the user12. Power user utilities
RH133: Red Hat LinuxSystem Administration
Red Hat Certified Technician (RHCT)“second level”
Course Description
RH133 focuses on skills in systems administration on Red Hat Linux, to a level where you can attach and configure a workstation on an existing network. This course provides intensive hands-on training on Red Hat Enterprise Linux, and it prepare for the RHCT Certification .
Prerequisites
RH033 Red Hat Linux Essentials or equivalent experience with Red Hat Linux.
Goal
Upon successful completion of this course, students will possess basic Linux system administrator knowledge which can be proved by passing the RHCT Exam. The exam is a performance based lab exam that tests actual ability to install, configure, and attach a new Red Hat Linux system to an existing production network.
Audience
Linux or UNIX users who understand the basics of Red Hat Linux and desire further technical training to begin the process of becoming a system administrator.
Course Objectives
1. Install Red Hat Linux interactively and with Kickstart2. Control common system hardware; administer Linux printing subsystem3. Create and maintain the Linux file system4. Perform user and group administration5. Integrate a workstation with an existing network6. Configure a workstation as a client to NIS, DNS, and DHCP services7. Automate tasks with at, cron, and anacron8. Back up file systems to tape and tar archive9. Manipulate software packages with RPM10. Configure the X Window System and the GNOME d.e.11. Perform performance, memory, and process mgmt.12. Configure basic host security
RH253 Red Hat LinuxNetworking and Security Administration
Red Hat Certified engineer(RHCE)“third level”
Course Description
RH253 arms students with in-depth knowledge needed to configure common Red Hat Enterprise Linux network services. Network and local security tasks are also topics of this course.
Prerequisites
RH133 Red Hat Linux System Administration or equivalent experience with Red Hat Enterprise Linux, LAN/WAN fundamentals or equivalent, internet working with TCP/IP or equivalent.
Goal
Upon completion of this course, individuals can set up a Red Hat Enterprise Linux server and configure common network services and security at a basic level.
Audience
Linux or UNIX system administrators who already have some experience with Red-Hat Enterprise Linux systems administration, want course in networking services and security, and want to build skills at configuring network services and security administration .
Course Objectives
1. Networking services on Red Hat Linux server-side setup, configuration, and basic administration of common networking services: DNS, NIS, Apache, SMB, DHCP, Sendmail, FTP, proxy.2. Introduction to security3. Developing a security policy4. Local security5. Files and file system security6. Password security7. Kernel security8. Basic elements of a firewall9. Red Hat Linux-based security tools10. Responding to a break-in attempt11. Security sources and methods12. Overview of security tools
RH033: Red Hat Linux Essentials“First level”
Unit 1
Linux Ideas and History• what is the open source• history of open source• what is Linux ? & history of Linux • Linux Distributions• Red hate Distributions• Linux principles
Unit 2
Linux Usage Basics
• Logging in to a Linux System
• Switching between virtual consoles and the graphical environment
• Elements of the X Window System
• Starting the X server
• Changing Your Password
• The “root” user ... ?
• Changing Identities [su sudo]
• Editing text files [vim , nano, gedit, etc ]
Unit 3
Running Commands and Getting Help
• shell ... ?
• what is Command ?
• Running Commands
• Some essential Commands
• Getting Help [man, info, --help]
• Reading Usage Summaries
• The whatis, which, whereis Commands
• The man Command and man Pages
• The info Command and info Pages
• Extended Documentation
Unit 4
Browsing the File system
• Linux File Hierarchy Concepts
• Some Important Directories
• File and Directory Names
• Absolute and Relative Path names
• Changing Directories [cd]
• Listing Directory Contents [ls]
• Copying Files and Directories [cp]
• Moving and Renaming Files and Directories [mv]
• Creating and Removing Files
• Creating and Removing Directories
• Using Nautilus [Moving , Copying ,Moving and Copying]
• Determining File Content [file]
Unit 5
Users, Groups and Permissions• Users
• Groups
• Linux File Security
• Permission Precedence
• Permission Types
• Examining Permissions
• Changing File Ownership
• Changing Permissions Symbolic, Numeric and Nautilus
• Symbolic link and hard link
Unit 6
Using the bash Shell• Command Line Shortcuts File Gobbling, The Tab Key
• History , History Tricks
• Command Line Expansion,Commands and Braced Sets
• Command Editing Tricks
• gnome-terminal
• Scripting Basics
• Creating Shell Scripts Samples
Unit 7
Standard I/O and Pipes
• Standard Input and Output [ STDIN , STDOUT, STDERR]
• Redirecting Output to a File , Examples
• Redirecting STDOUT to a Program (Piping)
• Combining Output and Errors
• Redirecting to Multiple Targets [tee]
• Redirecting STDIN from a File
• Sending Multiple Lines to STDIN
• Scripting: for loops , examples
Unit 8
Text Processing Tools• Tools for Extracting Text
• Viewing File Contents
• Extracting Text by Keyword, Column
• Tools for Analyzing Text
• Gathering Text Statistics
• Sorting Text
• Eliminating Duplicate Lines
• Comparing Files
• Duplicating File Changes
• Spell Checking with aspell
• Tools for Manipulating Text
• Special Characters for Complex Searches
Unit 9
vim: An Advanced Text Editor• Introducing vim
• vim: A Modal Editor
• vim Basics [Opening a file, Modifying a File, Saving a File and Exiting]
• Using Command Mode [Moving Around, Search and Replace , Manipulating Text, Undoing]
• Visual Mode
• Using multiple "windows"
• Configuring vi and vim
Unit 10
Basic System Configuration Tools
• TCP/IP Network Configuration
• Managing Ethernet Connections
• Graphical Network Configuration [system-config-network]
• Network Configuration Files [Ethernet Devices, Global Network Settings, DNS]
• Printing in Linux [system-config-printer, Commands]
• Setting the System's Date and Time [system-config-date,
date ]
Unit 11
Investigating and Managing Processes• What is a Process?
• Listing Processes, Finding Processes
• Signals ,Sending Signals to Processes
• Scheduling Priority
• Altering Scheduling Priority
• Interactive Process Management Tools [gnome-system-monitor, top]
• Job Control
• Scheduling a Process To Execute Later [at , crontab]
• Grouping Commands , Exit Status
• Conditional Execution Operators
• The test Command
• Scripting: if Statements
Unit 12
Configuring the Bash Shell• Bash Variables
• Environment Variables
• Some Common Variables
• Aliases
• How bash Expands a Command Line , Preventing Expansion
• Login vs non-login shells
• Bash start up tasks: profile
• Bash start up tasks: bashrc
• Bash exit tasks
• Scripting: Taking input with positional Parameters
• Scripting: Taking input with the read command
Unit 13
Finding and Processing Files
• locate
• find
• The Gnome Search Tool
Unit 14
• Network Clients• Web Clients
• Non-GUI Web Browsers
• wget
• Evolution
• Non-GUI Mail Clients
• Open Ssh: Secure Remote Shell , scp
• rsync: Efficient File Sync
• FTP Clients,smbclient
• File Transfer with Nautilus
• Network Diagnostic Tools [ping , tracrout, host dig netstat, gnome-nettool]
Unit 15
Advanced Topics in Users, Groups and Permissions
• User and Group ID Numbers
• User management tools
• System Users and Groups
• Monitoring Logins
• Default Permissions
• Special Permissions for Executables
• Special Permissions for Directories
Unit 16
The Linux Filesystem In-Depth• Partitions and Filesystems
• Inodes and Directories
• cp and inodes
• mv and inodes
• rm and inodes
• Hard Links ,Symbolic
• The Fundamental File types
• Checking Free Space
• Removable Media , Mounting
• Archiving Files and Compressing
Unit 17
Essential System Administration Tools
• Planning an Installation
• Performing an Installation
• Managing Services
• Managing Software
• The Yum Package Management Tool
• Graphical Package Management
• Securing the System
• SELinux
• Packet Filtering iptables
• Firewall and SELinux Configuration [system-config-securitylevel
Unit 1
Linux Ideas and History• what is the open source• history of open source• what is Linux ? • history of Linux • Linux Distributions• Red hate Distributions• Linux principles
Objectives
Upon completion of this unit, you should be able to:
• Explain the nature of open source software• Discuss the origins of Linux• List the Linux operating system Distributions• List the Red Hat operating system distributions
• Explain basic Linux principles
What is Open Source?
Open source: software and source code available to all
• The freedom to distribute software and source code
• The ability to modify and create derived works
history of open source
history of open source
1983 -1985 Stallman's FSF , GNU and GPL
GNU stands for “GNU's Not Unix”
Creates open source version of UNIX utilities
Creates the General Public License (GPL)
Software license enforcing open source principles
what is GNU/Linux ?
Linux is is a Unix-like [Unix clone]operating system that was designed to provide personal computer users a free or very low-cost operating system.
Linux's kernel (the central part of the operating system) was developed by Linus Torvalds at the University of Helsinki in Finland.
To complete the operating system, Torvalds and other team members made use of system components developed by members of the Free Software Foundation for the GNU Project.
why is GNU/Linux ?
-Speed and Stability -Open Source tends to be high quality and economical. -Security: very little security holes & quick fixes.-True multiuser system (secure file permission )-Modularity (User isn't locked to one shell or GUI).-Strong communities for development and support.
GNU/Linux Historical Time line
1969: Unix is developed at AT&T1983: The GNU Project launched 1991: Linux 0.01 ( 10k line of code, 1 user)1994: Linux 1.0 ( 170k line of code, 100 thousand user)1996: Linux 2.0 ( 400k line of code, 1.5 million user)1998: Linux 2.1. ( 1.5M line of code, 7.5 million user)1999: Linux 2.2. 12 million users2008: A Promising Future
Linux Distributions
Linux Distributions
•Debian:
(>1200 developers), community developed, strong, 15k packages.
•Ubuntu:
for desktop users, based on Debian.
•Red Hat:
Early star, now for enterprise works .
•Fedora:
Sponsored by red hat, community supported.
•Centos:
The Free (from charge) rebuild from RHEL.
•Suse:
made by Novell, for enterprise. Lately there's a joint dev with Microsoft.
•OpenSuse:
Open source alternative of Suse, community supported
•Slackware:
Very Unix-like, Old but popular
Linux Principles
-Everything is a file . Including hardware– Configuration data stored in text– Small, single-purpose programs– Avoid Captive User Interfaces– Ability to chain programs together to perform
complex tasks.
End of Unit 1
Questions ... ?
Summary :
• Open source and the right to modify
• The GNU Project and the Free Software Foundation
• Linus Torvalds and the Linux kernel
• Red Hat Enterprise Linux and the Fedora Project
• Basic Linux Principles
Unit 2
Linux Usage Basics• Logging in to a Linux System
• Switching between virtual consoles and the graphical environment
• Elements of the X Window System
• Starting the X server
• Changing Your Password
• The “root” user ... ?
• Changing Identities [su sudo]
• Editing text files [vim , nano, gedit, etc ]
Objectives
Upon completion of this unit, you should be able to:
• Log into a Red Hat Linux system
• Start X from a console
• Access the command line from X
• Change your password
• Understand the nature of root privileges
• Elevate your privileges
• Edit plain text files
Logging in to a Linux System
• Two types of log-in screens:
1- virtual consoles (text-based)
2- graphical log-in (called display managers)
• log-in using log-in name and password
• Each user has a home directory for personal
file storage /home
Switching between virtual consoles and the graphical environment
A typical Linux system will run six virtual consoles and one graphical console
-Server systems often have only virtual consoles
-Desktops and workstations typically have both
Switch among virtual consoles by typing:
Ctrl-Alt-F[1-> 6]
Access the graphical console by typing
Ctrl-Alt-F7
Elements of the X Window System
-The X Window System is Linux's graphical subsystem
-Xorg is the particular version of the X Window System used by Red Hat Open source implementation of X Look and behavior largely controlled by the desktop environment
Two desktop environments provided by Red-Hat:
Is a Collections of applications that provide a graphical working environment with a consistent look and feel.
• GNOME:[GNU Network Object Model Environment] default desktop environment
• KDE: [K desktop environment ]an alternate desktop environment
Starting the X server
-On some systems, the X server starts automatically at boot time
-Otherwise, if systems come up in virtual consoles, users must start the X server manually
-The X server must be pre-configured by the system administrator
-Log into a virtual console and run startx The X server appears on Ctrl-Alt-F7
Changing Your Password
• Passwords control access to the system
-Change the password the first time you log in
-Change it regularly thereafter
-Select a password that is hard to guess
• change your password using GNOME,navigate to System->Preferences->About Me click Password.
• To change your password from a terminal:
passwdpasswd
The root user
The rootroot user: a special administrative account
Also called the superuser
• root has near complete control over the system and a nearly unlimited capacity to damage it....!
• Do not login as root unless necessary
• Normal users potential to do damage is more limited
Changing Identities
• susu - creates new shell as root
• sudosudo command runs command as root
Requires prior configuration by a system-
administrator
idid shows information on the current user
Editing text files
The nanonano editor Easy to learn, easy to use
• Other editors:
• geditgedit, a simple graphical editor
• vimvim, an advanced, full feature editor
• gvimgvim, a graphical version of the vim editor
End of Unit 2
Questions ...?
Summary
• Login name and password
• startx
• gnome-terminal
• Passwd
• su
• nano
Unit 3
Running Commands and Getting Help
• shell ... ?
• what is Command ?
• Running Commands
• Some essential Commands
• Getting Help [man, info, --help]
• Reading Usage Summaries
• The whatis, which, whereis Commands
• The man Command and man Pages
• The info Command and info Pages
• Extended Documentation
Objectives
Upon completion of this unit, you should be able to:
• Execute commands at the prompt
• Explain the purpose and usage of some
simple commands
• Use the built-in help resources in Linux
Shell ... ?
Shell is a Unix term for the interactive user interface with an operating system. The shell is the layer of programming that understands and executes the commands a user enters on operating system.
Shell types
• Bourne shell (sh)
• C shell (csh)
• TC shell (tcsh)
• Korn shell (ksh)
• Bourne Again SHell (bash)
what is shell command ?
They are part of a shell, each shell (C Shell, Bourne Shell and Korn Shell) has a set of commands built into its program, the commands within each shell stay the same across Linux / Unix distributions .
The user types shell commands at the shell prompt, the default of which is % for the C Shell, and $ for the Bourne Shell , Korn Shell . bash
Running Commands
Commands have the following syntax:
[commandcommand Options arguments]arguments]
Each item is separated by a space
-Options modify a command's behavior
Single-letter options usually preceded by “-” Can be passed as -a -b -c or -abc
Full-word options usually preceded by “--” [ --help]
-ArgumentsArguments are file names or other data needed by the command
Multiple Commands can be separated by “;”
Some Simple Commands
• datedate - display date and time
• calcal - display calendar
• LsLs list files
• CdCd change directory
Getting Help
• Don't try to memorize everything!
Many levels of help– whatiswhatis -- with makewhatis
• command –help
• man and info
• /usr/share/doc/
• Red Hat documentation
• IRC channels
The whatis Command
Displays short descriptions of commands
Uses a database that is updated nightly
Often not available immediately after install
$ whatiswhatis calcal
cal (1) - displays a calendar
The --help Option
Displays usage summary and argument list
Used by most, but not all, commands
$ date --help
Usage: date [OPTION]... [+FORMAT] or:
date [-u|--utc|--universal] [MMDDhhmm]
Display the current time in the given FORMAT, or set the system date.
Reading Usage Summaries
Printed by --helphelp, man and others
Used to describe the syntax of a command
Arguments in [ ] are optional
Arguments in CAPS or <> are variables
Text followed by ... represents a list
x|y|z means "x or y or z"
-abc means "any mix of -a, -b or -c"
The man Command
– The collection of all man pages on a system is called the Linux Manual. The Linux is divided into sections, each of which covers a particular topic, and every man page is associated with exactly one of these sections.
The sections are:Manual Sections.
– 1. General Commands– 2. System Calls– 3. Subroutines– 4. Special Files– 5. File Formats– 6. Games– 7. Macros and Conventions– 8. Maintenence Commands
man and man –k commands
The file:///usr/share/doc/usr/share/doc directory
Navigating man Pages
• While viewing a man page
-Navigate with arrows, PgUp, PgDn
-/text searches for text
-n/N goes to next/previous match
-q quits
• Searching the Manual
man -k keyword lists all matching pages
Uses whatis database
The info Command
– info pages are structured like a website.• Each page is divided into “nodes”.• Links to nodes are preceded by “*”.
– info [<command>]– If you run info with no arguments you will
be presented with a list links to the top nodes of every available info page.
While viewing an info page
Navigate with arrows, pgUp, pgDown
• Tab Move to next link• Enter Follow link the cursor is on• n/p/u View next/previous/up-one node• s[<text>] Search for text (default: last search)• q Quit Viewing page
Extended Documentation
The file:///usr/share/doc/usr/share/doc directory
Sub directories for most installed packages
Location of docs that do not fit elsewhere
Example configuration files
HTML/PDF/PS documentation– http://www.redhat.com/docs
Red Hat Documentation
Available on docs CD or Red Hat website
• Installation Guide
• Deployment Guide
• Virtualization Guide
End of Unit 3
• Questions and Answers
• Summary
• Running Commands
• Getting Help
Unit 4
Browsing the Filesystem
• Linux File Hierarchy Concepts
• Some Important Directories
• File and Directory Names
• Absolute and Relative Pathnames
• Changing Directories [cd]
• Listing Directory Contents [ls]
• Copying Files and Directories [cp]
• Moving and Renaming Files and Directories [mv]
• Creating and Removing Files
• Creating and Removing Directories
• Using Nautilus [Moving , Copying ,Moving and Copying]
• Determining File Content [file]
Objectives
Upon completion of this unit, you should be able to:
Describe important elements of the filesystem hierarchy
• Copy, move, and remove files
• Create and view files
• Manage files with Nautilus
Linux File Hierarchy Concepts
Files and directories are organized into single-rooted inverted tree structure File system begins at the root directory, represented by alone “ / / ” (forward slash) character.
• Names are case-sensitive
• Paths are delimited by /
Basic File system Hierarchy Standard Directories
• // The root directory, the top-level directory in the FHS. All other directories are sub directories of root, which is always mounted on some partition.
• /bin /bin Essential command line utilities. Should not be mounted separately; otherwise, it could be difficult to get to these utilities when using a rescue disk.
• /boot /boot Includes Linux start up files, including the Linux kernel. The default, 100MB, is usually sufficient for a typical modular kernel and additional kernels that you might install.
• /dev /dev Hardware and software device drivers for everything from floppy drives to terminals. Do not mount this directory on a separate partition.
• /etc /etc Most basic configuration files.
• /home /home Home directories for almost every user.
• /lib/lib Program libraries for the kernel and various command line utilities. Do not mount this directory on a separate partition.
• /media /media The mount point for removable media, including floppy, DVDs.
• /mnt /mnt A legacy mount point; formerly used for removable media.
• /opt /opt Common location for third-party application files.
• /proc /proc Currently running kernel-related processes, including device assignments such as IRQ ports, I/O addresses, and DMA channels, as well as kernel configuration settings such as IP forwarding.
• /root /root The home directory of the root user.
• /sbin /sbin System administration commands. Don't mount this directory separately.
•/selinux /selinux configured settings associated with Security Enhanced Linux.
/tmp /tmp Temporary files. By default, Red Hat Enterprise Linux deletes all files in this directory periodically.
./usr /usr Small programs accessible to all users. Includes many system administration commands and utilities.
./var /var Variable data, including log files and printer spools.
File and Directory Names
• Names may be up to 255 characters
• All characters are valid, except the forward-slash
- It may be unwise to use certain special characters in file or directory names
-Some characters should be protected with quotes when referencing them
• Names are case-sensitive
Example: MAIL, Mail, mail, and mAiL
•
Absolute and Relative Path names
• Absolute path names
Begin with a forward slash Complete "road map" to file location
Can be used anytime you wish to specify a file name
• Relative path names
Do not begin with a slash Specify location relative to your current working directory Can be used as a shorter way to specify a file name
current Working Directory
Each shell and system process has a current working directory
pwdpwd Displays the absolute path to the shell's cwd
Changing Directories
cdcd changes directories To an absolute or relative path: cd /home/joshua/workcd /home/joshua/work , cd project/docscd project/docs
To a directory one level up: cd ..cd ..
To your home directory: cdcd
To your previous working directory: cd -cd -
Listing Directory Contents
Lists contents of the current directory or a specified directory
UsageUsage:
lsls [options] [files_or_dirs]
Example:
ls -a (include hidden files)
ls -l (display extra information)
ls -R (recurse through directories)
ls -ld (directory and symlink information)
Copying Files and Directories
cpcp - copy files and directories
Usage:
cp [options] file destination
More than one file may be copied at a time if the destination is a directory:
cp [options] file1 file2 destination
Copying Files and Directories:The Destination
• If the destination is a directory, the copy is placed there
• If the destination is a file, the copy overwrites the destination
• If the destination does not exist, the copy is renamed
Moving and Renaming Files and Directories
mvmv - move and/or rename files and directories
Usage:
• mv [options] file destination
• More than one file may be moved at a time if the destination is a directory:
mv [options] file1 file2 destination
Creating and Removing Files
touchtouch - create empty files or update file timestamps
rmrm - remove files
Usage:
rm [options] <file>...
Example:
rm -i file (interactive)
rm -r directory (recursive)
rm -f file (force)
Creating and Removing Directories
• mkdirmkdir creates directories
• rmdirrmdir removes empty directories
• rm -rrm -r recursively removes directory trees
Using Nautilus (GUI)
Gnome graphical file system browser
• Can run in spatial or browser mode
Accessed via...
• Desktop icons
Home: Your home directory
Computer: Root file system, network resources and removable media
Applications->System Tools->File Browser
Moving and Copying in Nautilus
• Drag-and-Drop
Drag: Move on same filesystem, copy on different filesystem
Drag + Ctrl: Always copy
Drag + Alt: Ask whether to copy, move or create symbolic link (alias)
• Context menu
Right-click to rename, cut, copy or paste
Determining File Content
Files can contain many types of data Check file type with file before opening to determine appropriate command or application
to use
filefile [options] <filename>...
End of Unit 4 Questions ...?
Summary
• The Linux filesystem hierarchy
• Command-line file management tools
• The Nautilus file manager
Unit 5
Users, Groups and Permissions• Users
• Groups
• Linux File Security
• Permission Precedence
• Permission Types
• Examining Permissions
• Changing File Ownership
• Changing Permissions Symbolic, Numeric and Nautilus
• Symbolic link and hard link
Objectives
Upon completion of this unit, you should be
able to:
• Explain the Linux security model
• Explain the purpose of user and group accounts
• Read and set file permissions
Users
• Every user is assigned a unique User ID number (UID)
UID 0 identifies root
• Users' names and UIDs are stored in /etc/passwd
• Users are assigned a home directory and a program that is run when they log in (usually a shell)
• Users cannot read, write or execute each others' files without permission
Groups
• Users are assigned to groups Each group is assigned a unique Group ID number (gid)
• GIDs are stored in /etc/group
• Each user is given their own private group Can be added to other groups for additional access
• All users in a group can share files that belong to the group
Linux File Security
• Every file is owned by a UID and a GID
• Every process runs as a UID and one or more GIDs
Usually determined by who runs the process
• Three access categories:
-Processes running with the same UID as the file (user)
-Processes running with the same GID as the file (group)
-All other processes (other)
Permission Precedence
• If UID matches, user permissions apply Otherwise,
• If GID matches, group permissions apply
• If neither match, other permissions apply
Permission Types
Four symbols are used when displaying
permissions:
rr: permission to read a file or list a directory's contents
ww: permission to write to a file or create and remove files from a directory
x: x: permission to execute a program or change into a directory and do a long listing of the directory
--: no permission (in place of the r, w, or x)
Examining Permissions
File permissions may be viewed using ls -l
$ ls -l ls -l /bin/login
-rwxr-xr-x-rwxr-xr-x 1 root root 19080 Apr 1 18:26 /bin/login
File type and permissions represented by a 10 character string
Interpreting Permissions
-rwxr-x----rwxr-x--- 1 andersen trusted 2948 Oct 11 14:07 myscript
• Read, Write and Execute for the owner, andersen
• Read and Execute for members of the trusted group
• No access for all others
Changing File Ownership
• Only root can change a file's owner
Only root or the owner can change a file'group
• Ownership is changed with chownchown:
chown [-R] user_name file|directory
Group-Ownership is changed with chgrpchgrp:
chgrp [-R] group_name file|directory
Changing Permissions – Symbolic Method
To change access modes:
chmodchmod [-R] mode file
Where mode is:
• u,g or o for user, group and other
• + or - for grant or deny
• r, w or x for read, write and execute
Examples:
• ugo+r: Grant read access to all
• o-wx: Deny write and execute to others
Changing Permissions – Numeric Method
• Uses a three-digit mode number
-first digit specifies owner's permissions
-second digit specifies group permissions
-third digit represents others' permissions
Permissions are calculated by adding:
• 4 (for read)
• 2 (for write)
• 1 (for execute)
Example:
chmod 640 myfile
Changing Permissions – Nautilus
Nautilus can be used to set the permissions and group membership of files and directories. In a Nautilus window, right-click on a file Select Properties from the context menu Select the Permissions tab
End of Unit 5
Questions ...?
Summary
• All files are owned by one user and one group
• The mode of a file is made up of three permissions:
user, the group and all others
• three permissions may be granted or denied: read,
write and execute
Unit 6
Using the bash Shell• Command Line Shortcuts File Gobbling, The Tab Key
• History , History Tricks
• Command Line Expansion,Commands and Braced Sets
• Command Editing Tricks
• gnome-terminal
• Scripting Basics
• Creating Shell Scripts Samples
Objectives
Upon completion of this unit, you should be able to:
• Use command-line shortcuts
• Use command-line expansion
• Use history and editing tricks
• Use the gnome-terminal
Command Line Shortcuts File Globbing
• Globbing is wildcard expansion:
- * - matches zero or more characters
- ? - matches any single character
- [0-9] - matches a range of numbers
-[abc] - matches any of the character in the list
- [^abc] - matches all except the characters in the list
Command Line Shortcuts The Tab Key
Type TabTab to complete command lines:
For the command name, it will complete a command name
For an argument, it will complete a file name
Examples:
$ xte<Tab>
$ xterm
$ ls myf<Tab>
$ ls myfile.txt
Command Line Shortcuts History
bash stores a history of commands you've entered, which can be used to repeat commands
Use history command to see list of remembered commands
$ history
14 cd /tmp
15 ls -l
16 cd
17 cp /etc/passwd .
18 vi passwd
More History Tricks
• Use the up and down keys to scroll through previous commands
Type Ctrl-rCtrl-r to search for a command in command history.
(reverse-i-search)`':
• To recall last argument from previous command:
Esc,. (the escape key followed by a period)
Alt-. (hold down the alt key while pressing the period)
Command Line Expansion The tilde
• Tilde ( ~ )
May refer to your home directory
$ cat ~/.bash_profile
• May refer to another user's home directory
$ ls ~julie/public_html
Command Line Expansion Commands and Braced Sets
• Command Expansion:“()” Prints output of one command as an argument to another
$ echo "This system's name is $(hostname)"
This system's name is server1.example.com
• Brace Expansion: { }
Shorthand for printing repetitive strings
$ echo file{1,3,5}
file1 file3 file5
$ rm -f file{1,3,5}
Command Editing Tricks
• Ctrl-a moves to beginning of line
• Ctrl-e moves to end of line
• Ctrl-u deletes to beginning of line
• Ctrl-k deletes to end of line
• Ctrl-arrow moves left or right by word
Gnome-terminal
Applications->Accessories->Terminal
Graphical terminal emulator that supports multiple "tabbed" shells
• Ctrl-Shift-t creates a new tab
• Ctrl-PgUp/PgDn switches to next/prev tab
• Ctrl-Shift-c copies selected text
• Ctrl-Shift-v pastes text to the prompt
Scripting Basics
• Shell scripts are text files that contain a series of commands or statements to be executed.
• Shell scripts are useful for:
-Automating commonly used commands
-Performing system administration and
-troubleshooting
-Creating simple applications
-Manipulation of text or files
Creating Shell Scripts
Step 1: Use such as vi to create a text file containing commands
-First line contains
#!/bin/bash
Comment your scripts! Comments start with a #
Step 2: Make the script executable:
$ chmod u+x myscript.sh$ chmod u+x myscript.sh
To execute the new script:
Place the script file in a directory in the executable
path -OR-Specify the absolute or relative path to the script on the command line
Sample Shell Script
#!/bin/bash
# This script displays some information about your environment
echo "Greetings. The date and time are $(date)"
echo "Your working directory is: $(pwd)"
End of Unit 6
Questions ...?
Summary
• Command expansion: $()
• History recall: !string, !num
• Scripting Basics
Unit 7
Standard I/O and Pipes
• Standard Input and Output [ STDIN , STDOUT, STDERR]
• Redirecting Output to a File , Examples
• Redirecting STDOUT to a Program (Piping)
• Combining Output and Errors
• Redirecting to Multiple Targets [tee]
• Redirecting STDIN from a File
• Sending Multiple Lines to STDIN
• Scripting: for loops , examples
Objectives
Upon completion of this unit, you should be able to:
• Redirect I/O channels to files
• Connect commands using pipes
• Use the for loops to iterate over sets of values
Standard Input and Output Linux provides three I/O channels to Programs
• Standard input (STDIN) - keyboard by default
• Standard output (STDOUT) - terminal window by default
• Standard error (STDERR) - terminal window by default
Redirecting Output to a File
STDOUT and STDERR can be redirected to files:
commandcommand operator filename
Supported operators include:
> Redirect STDOUT to file
2> Redirect STDERR to file
&> Redirect all output to file
File contents are overwritten by default. >> appends.
Redirecting Output to a File Examples
This command generates output and errors
when run as non-root:
$ find /etc -name passwd
Operators can be used to store output and
errors:
$ find /etc -name passwd > find.out
$ find /etc -name passwd 2> /dev/null
$ find /etc -name passwd > find.out 2> find.err
Redirecting STDOUT to a Program (Piping)
Pipes (the || character) can connect commands:
command1 || command2
• Sends STDOUT of command1 to STDIN of command2 instead of the screen.
• STDERR is not forwarded across pipes
Used to combine the functionality of multiple tools
command1 | command2 | command3... etc
Redirecting STDOUT to a Program Examples lessless: View input one page at a time:
$ ls -l /etc | less
Input can be searched with /
mailmail: Send input via email:
$ echo "test email" | mail -s "test" [email protected]
lprlpr : Send input to a printer
$ echo "test print" | lpr
$ echo "test print" | lpr -P printer_name
Combining Output and Errors
Some operators affect both STDOUT and STDERR
• &>&>: Redirects all output:
$ find /etc -name passwd &> find.all
• 2>&12>&1: Redirects STDERR to STDOUT
Useful for sending all output through a pipe
$ find /etc -name passwd 2>&1 | less
()(): Combines STDOUTs of multiple programs
$ ( cal 2007 ; cal 2008 ) | less
Redirecting to Multiple Targets (tee)
$ command1 | tee filename | command2
Stores STDOUT of command1 in filename, then pipes to command2
Uses:
• Troubleshooting complex pipelines
• Simultaneous viewing and logging of output
Redirecting STDIN from a File
Redirect standard input with <
Some commands can accept data redirected to STDIN from a file:
$ tr 'a-z' 'A-Z' < .bash_profile
This command will translate the uppercase
characters in .bash_profile to lowercase
Equivalent to:
$ cat .bash_profile | tr 'a-z' 'A-Z'
Sending Multiple Lines to STDIN Redirect multiple lines from keyboard to STDIN with <<WORD
-All text until WORDWORD is sent to STDIN
Sometimes called a heretext
$ mail -s "Please Call" [email protected] <<END
> Hi Jane,
> Please give me a call when you get in. We may need
> to do some maintenance on server1.
> Details when you're on-site,
> Boris
> END
Scripting: for loops
Performs actions on each member of a set of values
Example:
for NAME in joe jane julie
do
ADDRESS="[email protected]"
MESSAGE='Projects are due today!'
echo $MESSAGE | mail -s Reminder $ADDRESS
done
Can also use command-output and file lists:
• for num in $(seq 1 10)
Assigns 1-10 to $num
seq X Y prints the numbers X through Y
• for file in *.ttxt
Assigns names of text files to $file
End of Unit 7
Questions ...?
Summary
• Standard I/O channels
• File redirection
-Standard input (<)
-Standard Output (>)
-Standard Error (2>)
• Pipes redirect standard output to standard input
• for loops can perform commands on items from a
• program's standard output or an explicit list
Unit 8
Text Processing Tools• Tools for Extracting Text
• Viewing File Contents
• Extracting Text by Keyword, Column
• Tools for Analyzing Text
• Gathering Text Statistics
• Sorting Text
• Eliminating Duplicate Lines
• Comparing Files
• Duplicating File Changes
• Spell Checking with aspell
• Tools for Manipulating Text
• Special Characters for Complex Searches
Objectives
Upon completion of this unit, you should be able to:
• Use tools for extracting, analyzing and
• manipulating text data
Tools for Extracting Text
• File Contents: less and cat
• File Excerpts: head and tail
• Extract by Column: cut
• Extract by Keyword: grep
Viewing File Contents less and cat
• catcat: dump one or more files to STDOUT
Multiple files are concatenated together
lessless: view file or STDIN one page at a timeUseful commands while viewing
/text searches for text
n/N jumps to the next/previous match
v opens the file in a text editor
less is the pager used by man
Viewing File Excerpts head and tail
headhead: Display the first 10 lines of a file Use -n to change number of lines displayed
tailtail: Display the last 10 lines of a file Use -n to change number of lines displayed Use -f-f to "follow" subsequent additions to the file
*Very useful for monitoring log files!
Extracting Text by Keyword grep
Prints lines of files or STDIN where a pattern is matched
$ grepgrep 'john' /etc/passwd
$ date --help | grep year
Use -i-i to search case-insensitively
Use -n -n to print line numbers of matches
Use -v-v to print lines not containing pattern
Use -AX-AX to include the X lines after each match
Use -BX-BX to include the X lines before each match
Extracting Text by Column cut
Display specific columns of file or STDIN data
$ cut -d: -f1 /etc/passwd
$ grep root /etc/passwd | cut -d: -f7
Use -d to specify the column delimiter
(default is TAB)
Use -f to specify the column to print
Use -c to cut by characters
$ cut -c2-5 /usr/share/dict/words
Tools for Analyzing Text
• Text Stats: wcwc
• Sorting Text: sortsort
• Comparing Files: diffdiff and patchpatch
• Spell Check: aspellaspell
Gathering Text Statistics wc (word count)
Counts words, lines, bytes and characters Can act upon a file or STDIN
$ wc story.txt
39 237 1901 story.txt
Use -l for only line count
Use -w for only word count
Use -c for only byte count Use -m for character count
(not displayed)
Sorting Text sort
sortsort text to STDOUT - original file unchanged
$ sort [options] file(s)
Common options
-r performs a reverse (descending) sort
-n performs a numeric sort
-f ignores (folds) case of characters in strings
-u (unique) removes duplicate lines in output
-t c uses c as a field separator
-k X sorts by c-delimited field X Can be used multiple times
Eliminating Duplicate Lines sort and uniq
sort -usort -u: removes duplicate lines from input
uniquniq: removes duplicate adjacent lines from input
• Use -c to count number of occurrences
• Use with sort for best effect:
$ sort userlist.txt | uniq
Duplicating File Changes patch
diffdiff output stored in a file is called a "patchfile"
Use -u for "unified" diff, best in patchfiles patch duplicates changes in other files (use with care!)
Use -b to automatically back up changed files
$ diff -u foo.conf-broken foo.conf-works > foo.patch
$ patchpatch -b foo.conf-broken foo.patch
Spell Checking with aspell
Interactively spell-check files:
$ aspellaspell check letter.txt
Non-interactively list mis-spelled words in
STDIN
$ aspell list < letter.txt
$ aspell list < letter.txt | wc -l
Tools for Manipulating Text tr and sed
Alter (trtranslate) Characters: tr tr Converts characters in one set to corresponding characters in another set Only reads data from STDIN
$ tr 'a-z' 'A-Z' < lowercase.txt
Alter Strings: sedsed stream editor
Performs search/replace operations on a stream of text
Normally does not alter source file Use -i.bak to back-up and alter source file
Sed Examples
Quote search and replace instructions!
sed addresses
sed 's/dog/cat/g' pets
sed '1,50s/dog/cat/g' pets
sed '/digby/,/duncan/s/dog/cat/g' pets
Multiple sed instructions
sed -e 's/dog/cat/' -e 's/hi/lo/' pets
sed -f myedits pets
Special Characters for Complex Searches Regular Expressions
• ^ ^ represents beginning of line
• $ $ represents end of line
Character classes as in bash:
[abc], [^abc]
[[:upper:]], [^[:upper:]]
Used by:
grep, sed, less, others
End of Unit 8Questions Summary
Extracting Text
cat, less, head, tail, grep, cut
Analyzing Text
wc, sort, uniq, diff, patch
Manipulating Text tr, sed
• Special Search Characters
^, $, [abc], [^abc], [[:alpha:]], [^[:alpha:]],
Unit 9
vim: An Advanced Text Editor• Introducing vim
• vim: A Modal Editor
• vim Basics [Opening a file, Modifying a File, Saving a File and Exiting]
• Using Command Mode [Moving Around, Search and Replace , Manipulating Text, Undoing]
• Visual Mode
• Using multiple "windows"
• Configuring vi and vim
Objectives
Upon completion of this unit, you should be able to:
• Use the three primary modes of vi and vim
• Navigate text and enter Insert mode
• Change, delete, yank, and put text
• Undo changes
• Search a document
• Save and exit
Introducing vim
Newer version of vi, the standard Unix text editor Executing vi runs vim by default gvim: Graphical version of vim
Applications + Programming -> Vi iMproved
Provided by vim-X11 package
Advantages:
Speed: Do more with fewer keystrokes
Simplicity: No dependence on mouse/GUI
Availability: Included with most Unix-like OSes
Disadvantages
Difficulty: Steeper learning curve than simpler editors
Key bindings emphasize speed over intuitiveness
vim: A Modal Editor
Keystroke behavior is dependent upon vim's "mode"
Three main modes:
Command ModeCommand Mode (default): Move cursor, cut/paste
text, change mode
Insert ModeInsert Mode: Modify text
Ex ModeEx Mode: Save, quit, etc
Esc exits current mode
EscEsc always returns to command mode
vim Basics
To use vim, you must at least be able to
• Open a file
• Modify a file (insert mode)
• Save a file (ex mode)
Opening a file in vim
To start vi:
vim filename
• If the file exists, the file is opened and the contents are displayed
• If the file does not exist, vi creates it when the edits
are saved for the first time
Modifying a File Insert Mode
• i begins insert mode at the cursor
• Many other options exist
• A append to end of line
• I insert at beginning of line
• o insert new a line (below)
• O insert new line (above)
Saving a File and Exiting vim Ex Mode
Enter Ex Mode with :
Creates a command prompt at bottom-left of screen
Common write/quit commands:
:w writes (saves) the file to disk
:wq writes and quits
:q! quits, even if changes are lost
Using Command Mode
• Default mode of vim
• Keys describe movement and text manipulation commands Commands repeat when preceded by a number
Example
• Right Arrow moves right one character
• 5, Right Arrow moves right five characters
Moving Around Command Mode
Move by character: Arrow Keys, h, j, k, l
Non-arrow keys useful for remote connections to older systems
• Move by word: w, b
• Move by sentence: ), (
• Move by paragraph: }, {
• Jump to line x: xG
• Jump to end: G
Search and Replace Command Mode
Search as in less /, n, N
Search/Replace as in sed Affects current line by default
Use x,y ranges
EX :1,5s/cat/dog/
or % for whole file
EX :%s/cat/dog/gi
Manipulating Text Command Mode
Change (replace) Delete (cut) Yank (copy)
Line cc dd yy
Letter cl dl yl
Word cw dw yw
Sentence ahead c) d) y)
Sentence behind c( d( y(
Paragraph above c{ d{ y{
Paragraph below c} d} y}
Undoing Changes Command Mode
• u undo most recent change
• U undo all changes to the current line since
the cursor landed on the line
• Ctrl-r redo last "undone" change
Visual Mode
Allows selection of blocks of text
• v starts character-oriented highlighting
• V starts line-oriented highlighting
• Activated with mouse in gvim
Visual keys can be used in conjunction with movement keys:
w, ), }, arrows, etc
• Highlighted text can be deleted, yanked,
• changed, filtered, search/replaced, etc.
Using multiple "windows"
Multiple documents can be viewed in a single vim screen.
• Ctrl-w, s splits the screen horizontally
• Ctrl-w, v splits the screen vertically
Ctrl-w, Arrow moves between windows
Ex-mode instructions always affect the current window
• :help windows displays more window commands
Configuring vi and vim Configuring on the fly
:set or :set all
Configuring permanently
~/.vimrc or ~/.exrc
A few common configuration items
:set number
:set autoindent
:set textwidth=65 (vim only)
:set wrapmargin=15
:set ignorcase
Run :help option-list for a complete list
Learning more
vi/vim built-in help
:help
:help topic
Use :q to exit help
vimtutorvimtutor command
End of Unit 9
Questions ...?
Summary
• Use the three primary modes of vi and vim
• Move the cursor and enter Insert mode
• Change, delete, yank, and put text
• Undo changes
• Search a document
• Save and exit
Unit 10
Basic System Configuration Tools
• TCP/IP Network Configuration
• Managing Ethernet Connections
• Graphical Network Configuration [system-config-network]
• Network Configuration Files [Ethernet Devices, Global Network Settings, DNS]
• Printing in Linux [system-config-printer, Commands]
• Setting the System's Date and Time [system-config-date,
date ]
Objectives
Upon completion of this unit, you should be able to:
• Configure date, network and printer settings
• Send text to the printer
• Set the system's date and time
TCP/IP Network Configuration
Important network settings:
• IP Configuration
• Device Activation
• DNS Configuration
• Default Gateway
Managing Ethernet Connections
• Network interfaces are named sequentially: eth0, eth1, etc
• Multiple addresses can be assigned to a device with aliases
Aliases are labeled eth0:1, eth0:2, etc, Aliases are treated like separate interfaces
• View interface configuration with ifconfig [ethX]
• Enable interface with ifup ethX
• Disable interface with ifdown ethX
Graphical Network Configuration system-config-network
System->Administration->Network
• Activate/Deactivate interfaces
• Assign IP Addresses/DHCP
• Modify DNS settings
• Modify gateway address
Network Configuration Files Ethernet Devices
• Device configuration is stored in text files
/etc/sysconfig/network-scripts/ifcfg-ethX
• Complete list of options in /usr/share/doc/
initscripts-*/sysconfig.txt
Dynamic Configuration Static Configuration
DEVICE=ethX DEVICE=ethX
HWADDR=0:02:8A:A6:30:45 HWADDR=0:02:8A:A6:30:45
BOOTPROTO=dhcp IPADDR=192.168.0.254
ONBOOT=yes NETMASK=255.255.255.0
Type=Ethernet GATEWAY=192.168.2.254
ONBOOT=yes
Type=Ethernet
Network Configuration Files Other Global Network Settings
• Global Settings in /etc/sysconfig/network
Many may be provided by DHCP
• GATEWAY can be overridden in ifcfg file
NETWORKING=yes
HOSTNAME=server1.example.com
GATEWAY=192.168.2.254
Network Configuration Files
DNS Configuration
Domain Name Service translates hostnames to network addresses
Server address is specified by dhcp or in /etc/resolv.conf
search example.com cracker.org
nameserver 192.168.0.254
nameserver 192.168.1.254
Printing in Linux
• Printers may be local or networked
• Print requests are sent to queues
• Queued jobs are sent to the printer on a first come first served basis
• Jobs may be canceled before or during printing
System-config-printer
• System->Administration->Printing
• Supported printer connections:
Local (parallel or usb)
Unix/Linux print server
Windows print server
Netware print server
HP JetDirect
• Configuration stored in /etc/cups/printers.conf
Printing Commands• lprlpr sends a job to the queue to be printed
Accepts ASCII, PostScript, PDF, others
• lpqlpq views the contents of the queue
• lprmlprm removes a job from the queue
• System V printing commands such as lp, lpstat and cancel are also supported
Printing Utilities
• evince views PDF documents
• lpstat -a lists configured printers
• enscript and a2ps convert text to PostScript
• ps2pdf converts PostScript to PDF
• mpage prints multiple pages per sheet
Setting the System's Date and Time
• GUI: system-config-date
System->Administration->Date & Time
Can set date/time manually or use NTP
Additional NTP servers can be added
Can use local time or UTC
• CLI: date [MMDDhhmm[[CC]YY][.ss]]
# date 01011330
# date 010113302007.05
End of Unit 10 Questions ...?
Summary
• system-config-network
• /etc/sysconfig/network-scripts/*
• ifup, ifdown
• lpr sends text to the printer
• date configures date/time from CLI
• system-config-date configures date/time from GUI
Unit 11
Investigating and Managing Processes• What is a Process?
• Listing Processes, Finding Processes
• Signals ,Sending Signals to Processes
• Scheduling Priority
• Altering Scheduling Priority
• Interactive Process Management Tools [gnome-system-monitor, top]
• Job Control
• Scheduling a Process To Execute Later [at , crontab]
• Grouping Commands , Exit Status
• Conditional Execution Operators
• The test Command
• Scripting: if Statements
Objectives
Upon completion of this unit, you should be able to:
• Explain what a process is
• Describe how to manage processes
• Use job control tools
What is a Process?
A process is a set of instructions loaded into memory
• Numeric Process ID (PID) used for identification
• UID, GID and SELinux context determines filesystem access
• Normally inherited from the executing user
Listing Processes
View Process information with psps Shows processes from the current terminal by default
• -a includes processes on all terminals
• -x includes processes not attached to terminals
• -u prints process owner information
• -f prints process parentage
• -o PROPERTY,... prints custom information:
pid, comm, %cpu, %mem, state, tty, euser, ruser
Finding Processes
Most flexible: ps options | othercommands
ps axo comm,tty | grep ttyS0
By predefined patterns: pgrep
$ pgrep -U root
$ pgrep -G student
By exact program name: pidof
$ pidof bash
Signals
Most fundamental inter-process communication Sent directly to processes, no user-interface required Programs associate actions with each signal
-Signals are specified by name or number when sent:
• Signal 1515, TERM (default) - Terminate cleanly
• Signal 99, KILL - Terminate immediately
• Signal 11, HUP - Re-read configuration files
man 7 signal shows complete list
Sending Signals to Processes
By PID: kill [signal] pid ...
By Name: killall [signal] comm ...
By pattern: pkill [-signal] pattern
Scheduling Priority
• Scheduling priority determines access to the CPU
• Priority is affected by a process' nice value
• Values range from -20 to 19 but default to 0
Lower nice value means higher CPU priority
Viewed with ps -o comm,niceps -o comm,nice
Altering Scheduling Priority
Nice values may be altered...
• When starting a process:
$ nicenice -n 5 command
• After starting:
$ renicerenice 5 PID
Only root may decrease nice values
Interactive Process Management Tools
• CLI: top
• GUI: gnome-system-monitor
Capabilities
Display real-time process information
Allow sorting, killing and re-nicing
Job Control Run a process in the background Append an ampersand to the
command line: firefox &&
Temporarily halt a running program Use Ctrl-zCtrl-z or send signal 17 (STOP)
Manage background or suspended jobs
List job numbers and names: jobsjobs
Resume in the background: bgbg [%jobnum]
Resume in the foreground: fgfg [%jobnum]
Send a signal: killkill [-SIGNAL] [%jobnum]
Scheduling a Process To Execute Later One-time jobs use atat, recurring jobs use
crontabcrontab
Create at time crontab -e
List at -l crontab -l
Details at -c jobnum N/A
Remove at -d jobnum crontab -r
Edit N/A crontab -e
• Non-redirected output is mailed to the user
• root can modify jobs for other users
Crontab File Format
Entry consists of five space-delimited fields followed by
a command line One entry per line, no limit to line length
Fields are:-
minute, hour, day of month, month, and day of week
Comment lines begin with #
for details See man 5 crontab
Grouping Commands
Two ways to group commands:
Compound: date; who | wc -l
Commands run back-to-back
Subshell: (date; who | wc -l) >> /tmp/trace
All output is sent to a single STDOUT and STDERR
Exit Status
Processes report success or failure with an exit status
0 for success, 1-255 for failure
$? stores the exit status of the most recent command
exit [num] terminates and sets status to num
Example:
$ ping -c1 -W1 station999 &> /dev/null
$ echo $?
2
Conditional Execution Operators
Commands can be run conditionally based on exit status
&& represents conditional AND THEN
|| represents conditional OR ELSE
Examples:
$ grep -q no_such_user /etc/passwd || echo 'No such user'
$ ping -c1 -W2 station1 &> /dev/null && echo "station1 is up" || $(echo 'station1 is unreachable'; exit 1)
station1 is up
The test Command
Evaluates boolean statements for use in conditional execution
Returns 0 for true
Returns 1 for false
Examples in long form:
$ test "$A" = "$B" && echo "Strings are equal"
$ test "$A" -eq "$B" && echo "Integers are equal"
Examples in shorthand notation:
$ [ "$A" = "$B" ] && echo "Strings are equal"
$ [ "$A" -eq "$B" ] && echo "Integers are equal"
File Tests
File tests:
-f tests to see if a file exists and is a regular file
-d tests to see if a file exists and is a directory
-x tests to see if a file exists and is executable
[ -f ~/lib/functions ] && source ~/lib/functions
Scripting: if Statements
Execute instructions based on the exit status of a
command
if ping -c1 -w2 localhost &> /dev/null; then
echo 'localhost is UP'
elif grep "localhost" ~/maintenance.txt &> /dev/null; then
echo 'localhost is undergoing maintenance'
else
echo 'localhost is unexpectedly DOWN!'
exit 1
fi
End of Unit 11
Questions ...?
Summary
• A process is any set of instructions in memory
• Processes are managed with: ps, kill, top, gnome-
• system-monitor
• Suspend jobs with Ctrl-z, manage with fg, bg
Unit 12
Configuring the Bash Shell• Bash Variables
• Environment Variables
• Some Common Variables
• Aliases
• How bash Expands a Command Line , Preventing Expansion
• Login vs non-login shells
• Bash start up tasks: profile
• Bash start up tasks: bashrc
• Bash exit tasks
• Scripting: Taking input with positional Parameters
• Scripting: Taking input with the read command
ObjectivesUpon completion of this unit, you should be able to:
• Know how to use local and environment variables
• Know how to inhibit variable expansion
• Know how to create aliases
• Understand how the shell parses a command line
• Know how to configure start up files
• Know how to handle input with the read command and positional parameters
Bash Variables
Variables are named values Useful for storing data or command output
Set with VARIABLE=VALUE
Referenced with $VARIABLE
$ HI="Hello, and welcome to $(hostname)."
$ echo $HI
Hello, and welcome to stationX.
Environment Variables
Variables are local to a single shell by default
Environment variables are inherited by child shells
Set with export VARIABLE=VALUE
Accessed by some programs for configuration
Aliases
Aliases let you create shortcuts to commands
$ alias dir='ls -laF'
Use alias by itself to see all set aliases
Use alias followed by an alias name to see
alias value
$ alias dir
alias dir='ls -laF'
How bash Expands a Command Line
1. Split the line into words
2. Expand aliases
3. Expand curly-brace statements ({})
4. Expand tilde statements (~)
5. Expand variables ($)
6. Command-substituation ($() and ``)
7. Split the line into words again
8. Expand file globs (*, ?, [abc], etc)
9. Prepare I/O redirections (<, >)
10. Run the command!
Preventing Expansion Backslash ( \ ) makes the next character literal
$ echo Your cost: \$5.00
Your cost: $5.00
Quoting prevents expansion
Single quotes (') inhibit all expansion
Double quotes (") inhibit all expansion, except:
$ (dollar sign) - variable expansion
` (backquotes) - command substitution
\ (backslash) - single character inhibition
! (exclamation point) - history substitution
Login vs non-login shells
Startup is configured differently for login and non-login shells
• Login shells are:
Any shell created at login (includes X login)
su -
• Non-login shells are:
su
graphical terminals
executed scripts
any other bash instances
Bash start up tasks: profile
Stored in /etc/profile (global) and ~/.
bash_profile (user)
Run for login shells only
Used for
Setting environment variables
Running commands (eg mail-checker script)
Bash start up tasks: bashrc
Stored in /etc/bashrc (global) and ~/.bashrc
(user)
Run for all shells
Used for
• Setting local variables
• Defining aliases
Bash exit tasks
Stored in ~/.bash_logout (user)
Run when a login shell exits
Used for
• Creating automatic backups
• Cleaning out temporary files
Scripting: Taking input with positional Parameters
Positional parameters are special variables that hold the command-line arguments to the script.
The positional parameters available are $1,$2, $3, etc. . These are normally assigned to
more meaningful variable names to improve clarity.
$* holds all command-line arguments
$# holds the number of command-line arguments
Scripting: Taking input with the read command
Use read to assign input values to one or more shell variables:
-p designates prompt to display
read reads from standard input and assigns one
word to each variable
Any leftover words are assigned to the last variable
read -p "Enter a filename: " FILE
End of Unit 12
Questions ...?
Summary
• local and environment variables
• command line parsing
• configuring the shell environment
• positional parameters and the read command
Unit 13
Finding and Processing Files
• locate
• find
• The Gnome Search Tool
Objectives
Upon completion of this unit, you should be able to:
• Use locate
• Use find
• Use the Gnome Search tool
Locate
• Queries a pre-built database of paths to files on the system
Database must be updated by administrator
Full path is searched, not just filename
• May only search directories where the user has read and execute permission
locate Examples
locate foo
Search for files with "foo" in the name or path
locate -r '\.foo$'
Regex search for files ending in ".foo"
Useful options
-i performs a case-insensitive search
-n X lists only the first X matches
Find
find [directory...] [criteria...]
• Searches directory trees in real-time
Slower but more accurate than locate
CWD is used if no starting directory given
All files are matched if no criteria given
• Can execute commands on found files
• May only search directories where the user has read and execute permission
Basic find Examples
find -name snow.png
Search for files named snow.png
find -iname snow.png
Case-insensitive search for files named snow.png, Snow.png, SNOW.PNG, etc
find -user joe -group joe
Search for files owned by the user joe and the group joe
find and Logical Operators
Criteria are ANDed together by default.
Can be OR'd or negated with -o and -not
Parentheses can be used to determine logic
order, but must be escaped in bash.
find -user joe -not -group joe
find -user joe -o -user jane
find -not \( -user joe -o -user jane \)
find and Permissions
Can match ownership by name or id
find / -user joe -o -uid 500
Can match octal or symbolic permissions
find -perm 755 matches if mode is exactly 755
find -perm +222 matches if anyone can write
find -perm -222 matches if everyone can write
find -perm -002 matches if other can write
find and Numeric Criteria
Many find criteria take numeric values
find -size 1024k
Files with a size of exactly 1megabyte
find -size +1024k
Files with a size over 1 megabyte
find -size -1024k
Files with a size less than 1 megabyte
find and Access Times
find can match by inode timestamps
-atime when file was last read
-mtime when file data last changed
-ctime when file data or metadata last changed Value given is in days
find -ctime -10
Files modified less than 10 days ago
Executing Commands with find
Commands can be executed on found files
Command must be preceded with -exec or -ok
-ok prompts before acting on each file
Command must end with Space\;
Can use {} as a filename placeholder
find -size +102400k -ok gzip {} \;
find Execution Examplesfind -name "*.cconf" -exec cp {} {}.orig\;
Back up configuration files, adding a .orig extension
find /tmp -ctime +3 -user joe -ok rm {}\;
Prompt to remove Joe's tmp files that are over 3 days old
find ~ -perm +o+w -exec chmod o-w {} \;
Fix other-writable files in your home directory
The Gnome Search Tool
Places->Search for Files...
Graphical tool for searching by
name
content
owner/group
size
modification time
End of Unit 13
Questions ...?
Summary
• Use locate to quickly find files that are not new
• Use find to search based on very specific criteria
• and optionally run commands on matching files
• Use the Gnome Search Tool for an intuitive, but
• powerful GUI search tool.
Unit 14
• Network Clients• Web Clients
• Non-GUI Web Browsers
• wget
• Evolution
• Non-GUI Mail Clients
• Open Ssh: Secure Remote Shell , scp
• rsync: Efficient File Sync
• FTP Clients,smbclient
• File Transfer with Nautilus
• Network Diagnostic Tools [ping , tracrout, host dig netstat, gnome-nettool]
Objectives
Upon completion of this unit, you should be able to:
• Browse the web
• Exchange email and instant messages
• Access a Linux system remotely
• Transfer files between systems
• Use network diagnostic tools
Web Clients
Firefox
Other web browsers
Non-GUI web browsers
wget
Firefox
Fast, lightweight, feature-rich web browser
Tabbed browsing
Popup blocking
Cookie management
Multi-engine search bar
Support for many popular plug-ins
Themes and Extensions
Non-GUI Web Browsers
links
Provided by the elinks rpm
Full support for frames and ssl
Examples
links http://www.redhat.com
links -dump http://www.redhat.com
links -source http://www.redhat.com
Wget
Retrieves files via HTTP and FTP
Non-interactive - useful in shell scripts
Can follow links and traverse directory trees
on the remote server - useful for mirroring web and FTP sites
Email and Messaging
Evolution
Other email clients
Non-GUI email clients
Gaim
Evolution
• Default email and groupware tool
• Provides email, calendar, tasks and contacts
• Can maintain multiple accounts at once
• Supports GnuPG encryption and signatures
• "Trainable" bayesian spam filters
• Task/Calendar notifications in Gnome clock
• Can sync with many PDAs
Configuring Evolution
Defining accounts
Tools->Settings->Mail Accounts
Supports IMAP, pop, Novell Groupware, Usenet and local email accounts
MS Exchange support via plug-in
Provided by evolution-connector rpm
Install before configuring other
accounts
Configuring Evolution
Defining accounts
Tools->Settings->Mail Accounts
Supports IMAP, pop, Novell Groupware, Usenet and
local email accounts
MS Exchange support via plug-in
Provided by evolution-connector rpm
Install before configuring other accounts
Other GUI Mail Clients
Thunderbird
Standalone Mozilla email client
Kmail
KDE email client
Non-GUI Mail Clients
muttmutt
Supports pop, imap and local mailboxes
Highly configurable
Mappable hotkeys
Message threading and colorizing
GnuPG integration
Context-sensitive help with '?'
Gaim
Multi-protocol Instant messaging client Available in Red Hat Enterprise Linux Client Supports AIM, MSN, ICQ, Yahoo, Jabber,
Gadu-Gadu, SILC, GroupWise Messenger, IRC and Zephyr networks.
Plugins can be used to add functionality.
Open Ssh: Secure Remote Shell
Secure replacement for older remote-access tools
Allows authenticated, encrypted access to
remote systems
ssh [user@]hostname
ssh [user@]hostname command
scp: Secure File Transfer
Secure replacement for rcp
Layered on top of ssh
scp source destination
Remote files can be specified using:
[user@]host:/path/to/file
Use -r to enable recursion
Use -p to preserve times and permissions
Use -C to compress datastream
rsync: Efficient File Sync
Efficiently copies files to or from remote systems
Uses secure ssh connections for transport
rsync *.conf barney:/home/joe/configs/
Faster than scp - copies differences in like files
Open Ssh Key-based AuthenticationOptional, password-less, but still secure, authentication
Uses two keys generated by ssh-keygen:
private key stays on your system
Usually passphrase-protected (recommended )
public key is copied to destination with ssh-copy-id
ssh-copy-id [user@]host
Open Ssh Key-based Authenticationcontinued
An authentication agent stores decrypted private keys
Thus, passphrase only needs to be entered once
An agent is provided automatically in GNOME
Otherwise, run ssh-agent bash
Keys are added to the agent with ssh-add
FTP Clients
CLI: lftp
$ lftp ftp.example.com
$ lftp -u joe ftp.example.com
Automated transfers with lftpget
GUI: gFTP
Applications->Internet->gFTP
Allows Drag-and-Drop transfers
Anonymous or authenticated access
Optional secure transfer via ssh (sftp)
Smbclient
FTP-like client to access SMB/CIFS resources
Examples:
smbclient -L server1 lists shares on server1
smbclient -U student //server1/homes
accesses a share
File Transfer with Nautilus
File/Connect to Server
Graphically browse with multiple protocols
Allows drag-and-drop file transfers
Supported connection types: FTP, SFTP, SMB, WebDAV, Secure WebDAV
Can also connect via url: File/Open Location
Xorg Clients
All graphical applications are X clients Can connect to remote X severs via tcp/ip
Data is not encrypted but can be tunneled securely over an ssh connection
ssh -X user@hostB xterm &
xterm will display on hostA's X server
Transmitted data will be encrypted through the ssh connection
Network Diagnostic Tools
ping
traceroute
host
dig
netstat
gnome-nettool (GUI)
End of Unit 14
Questions ...?
Summary
• Firefox, Evolution and Mutt
• Basic network diagnostic tools
• The importance of secure network clients
Unit 15
Advanced Topics in Users, Groups and Permissions
• User and Group ID Numbers
• User management tools
• System Users and Groups
• Monitoring Logins
• Default Permissions
• Special Permissions for Executables
• Special Permissions for Directories
Objectives
Upon completion of this unit, you should be able to:
• Describe where Linux stores user, group and
• password information
• Change identities
• Set default permissions
• Use special permissions
User and Group ID Numbers
• User names map to user ID numbers
• Group names map to group ID numbers
• Data stored on the hard disk is stored numerically
/etc/passwd, /etc/shadow, and /etc/group files
Authentication information is stored in plain text files:
/etc/passwd
/etc/shadow
/etc/group
/etc/gshadow
User management tools
Graphical tools
system-config-users
Command-line
useradd
usermod
userdel [-r]
System Users and Groups
Server programs such as web or print
servers typically run as unprivileged users, not as root
Examples: daemon, mail, lp, nobody
Running programs in this way limits the
amount of damage any single program can do to the system
Monitoring Logins
Connected users: w
Recent Logins: last, lastb
Default Permissions
Default permission for directories is 777 minus umask
Default permission for files is the directory
default without execute permission.
umask is set with the umask command.
Non-privileged users' umask is 002
Files will have permissions of 664
Directories will have permissions of 775 root's umask is 022
Special Permissions for Executables
Special permissions for executables:
suidsuid: command run with permissions of the owner of the command, not executor of the command
sgidsgid: command runs with group affiliation of the group of the command
Special Permissions for Directories
Special permissions for directories:
sticky bit: files in directories with the sticky bit set can only be removed by the owner and root, regardless of the write permissions of the directory
sgid: files created in directories with the sgid bit set
have group affiliations of the group of the directory
Special Permissions for Directories
Special permissions for directories:
sticky bit: files in directories with the sticky bit set
can only be removed by the owner and root,
regardless of the write permissions of the directory
sgid: files created in directories with the sgid bit set
have group affiliations of the group of the directory
End of Unit 15 Questions ...?
Summary
• User information is stored in /etc/passwd
• Group information is stored in /etc/group
• Special Permissions: Sticky Bit, SetUID, SetGID
Unit 16
The Linux Filesystem In-Depth• Partitions and Filesystems
• Inodes and Directories
• cp and inodes
• mv and inodes
• rm and inodes
• Hard Links ,Symbolic
• The Fundamental File types
• Checking Free Space
• Removable Media , Mounting
• Archiving Files and Compressing
Objectives
• Upon completion of this unit, you should be able to:
• Describe how filesystem information is organized
• Describe the function of dentries and inodes
• Describe how cp, mv, and rm work at the inode level
• Create symbolic links and hard links
• Access removable media
• Create archives using tar and gzip
Partitions and FilesystemsDisk drives are divided into partitions
Partitions are formatted with filesystems allowing users to store data
Default filesystem: ext3, the Third Extended Linux Filesystem
Other common filesystems:
ext2 and msdos (typically used for floppies)
iso9660 (typically used for CDs)
GFS and GFS2 (typically for SANs)
Inodes An inode table contains a list of all files in an ext2 or ext3
filesystem An inode (index node) is an entry in the table, containing information about a file (the metadata),
including:
file type, permissions, UID, GID
the link count (count of path names pointing to this file)
the file's size and various time stamps
pointers to the file's data blocks on disk other data about the file
Directories
The computer's reference for a file is the inode number
The human way to reference a file is by
file name A directory is a mapping between the human name for the file and the computer's inode number
cp and inodes
The cp command:
1. Allocates a free inode number, placing a new entry in the inode table
2. Creates a dentry in the directory, associating a name with the inode number
3. Copies data into the new file
mv and inodes• If the destination of the mv command is onthe same file
system as the source, the mv
command:
1. Creates a new directory entry with the new file name
2. Deletes the old directory entry with the old file name Has no impact on the inode table (except for a time stamp) or the location of data on the disk: no data is moved!
• If the destination is a different filesystem, mv acts as a copy and remove
rm and inodes The rm command:
1. Decrements the link count, thus freeing the inode number to be reused
2. Places data blocks on the free list
3. Removes the directory entry
Data is not actually removed, but will be overwritten when the data blocks are used by another file
Hard Linkshard link adds an additional pathname to reference a single file
One physical file on the filesystem Each directory references the same inode number
Increments the link count
The rm command decrements the link count
File exists as long as at least one link remains
When the link count is zero, the file is removed
Cannot span drives or partitions
Syntax:
ln filename [linkname]
Symbolic (or Soft) Links
A symbolic link points to another file
ls -l ls -l displays the link name and the referenced file
lrwxrwxrwx 1 joe joe 11 Sep 25 18:02 pf -> /etc/passwd
File type: l for symbolic link
The content of a symbolic link is the name of the file that it references
Syntax:
ln -s filename linkname
The Seven Fundamental Filetypes
ls -l symbol File Type
- regular file
d directory
l symbolic link
b block special file
c character special file
p named pipe
s socket
Checking Free Space
dfdf - Reports disk space usage Reports total kilobytes, kilobytes used, kilobytes free per file system
-h and -H display sizes in easier to read units
dudu - Reports disk space usage Reports kilobytes used per directory Includes subtotals for each subdirectory
-s option only reports single directorysummary
Also takes -h and -H options
Applications->System Tools->Disk Usage
Analyzer or baobab - Reports disk space usage graphically
Removable Media Mounting means making a foreign filesystem look like part of
the main tree.
Before accessing, media must be mounted
Before removing, media must be unmounted
By default, non-root users may only mount
certain devices (cd, dvd, floppy, usb, etc)
Mountpoints are usually under /media
Mounting CDs and DVDs
Automatically mounted in Gnome/KDE
Otherwise, must be manually mounted
CD/DVD Reader
mount /media/cdrom
CD/DVD Writer
mount /media/cdrecorder
eject command unmounts and ejects the disk
Mounting USB Media
Detected by the kernel as SCSI devices
/dev/sdaX or /dev/sdbX or similar
Automatically mounted in Gnome/KDE
Icon created in Computer window
Mounted under /media/Device ID
Device ID is built into device by vendor
Archiving Files and Compressing Archives
Archiving places many files into one target file Easier to back up, store, and transfer
tartar - standard Linux archiving command Archives are commonly compressed Algorithm applied that compresses file
Uncompressing restores the original file
tar natively supports compression using gzip and
gunzip, or bzip2 and bunzip2
Creating, Listing, and Extracting File Archives
Action arguments (one is required):
-c create an archive
-t list an archive
-x extract files from an archive
Typically required:
-f archivename name of file archive
Optional arguments:
-z use gzip compression
-j use bzip2 compression
-v be verbose
Creating File Archives: Other Tools
zip and unzip
Supports pkzip-compatible archives
Example:
zip etc.zip /etc
unzip etc.zip
file-roller
Graphical, multi-format archiving tool
End of Unit 16
Questions ...?
Summary
Linux filesystem structure
Using removable media
Using unformatted floppies
Archiving and compression
Unit 17
Essential System Administration Tools
• Planning an Installation
• Performing an Installation
• Managing Services
• Managing Software
• The Yum Package Management Tool
• Graphical Package Management
• Securing the System
• SELinux
• Packet Filtering iptables
• Firewall and SELinux Configuration [system-config-securitylevel
Objectives
Upon completion of this unit, you should be able to:
• Explain the process of installing Red Hat Enterprise Linux
• Identify services, their status and be able to manage the runlevels which start and stop them
• Install software using multiple installation methods
• Understand the basic principles of Red Hat Enterprise Linux security, firewalls, and SELinux
Planning an Installation
What hardware does the system use?
Check hardware compatibility
Read the RELEASE-NOTES file on the first
CD or at http://www.redhat.com
Provides valuable summary of features and gotchas
Performing an Installation
Installer can be started from:
CD-ROM or DVD-ROM
USB Device
Network (PXE)
Supported installation sources:
Network Server (ftp, http or nfs)
CD-ROM or DVD-ROM
Hard Disk
Managing Services
What is a service?
Graphical Interface to Service Management
system-config-services
Command Line Interface to Service
Management
service
chkconfig
Managing Software
Software is provided as RPM packages
Easy installation and removal
Software information stored in a local database
Packages are provided by Red Hat Network
Centralized management of multiple systems
Easy retrieval of errata packages
Systems must be registered first
Custom package repositories may also be used
The Yum Package Management Tool
Front-end to rpm, replacing up2date
Configuration in /etc/yum.conf and /
etc/yum.repos.d/
Used to install, remove and list software
yum install packagename
yum remove packagename
yum update packagename
yum list available
yum list installed
Graphical Package Management pup
Applications->System Tools->Software Updater
List and install software updates
pirut
Applications->Add/Remove Software
View, install and un-install other packages
Securing the System
Basic security principles
Avoid running services that you do not need
Limit access to services that are running
Avoid using services that send data unencrypted
over the network such as instant messaging, pop,
imap, and telnet
SELinux
Kernel-level security system
All processes and files have a context
SELinux Policydictates how processes and files may interact based on context
Policy rules cannot be overridden
Default policy does not apply to all services
Managing SELinux
SELinux errors are logged in the System Log
SELinux can be disabled in an emergency
Disabling SELinux is discouraged!
System->Administration->Security Level and Firewall, SELinux tab
Packet Filtering
Network traffic is divided into packets
Each packet has source/destination data
Firewalls selectively block packets
Firewall and SELinux Configuration
system-config-securitylevel
System-> Administration->Security Level
and Firewall
Selectively allow incoming connections by port
Specify interfaces to trust all traffic from
Responses to outbound queries always accepted
More advanced configuration possible with
other tools
End of Unit 17
Questions ...?
Summary
• System Installation Process
• Managing Services
• Software Installation Tools
• System Security
x
x
x
x
x
